Knowledge Base

The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
 
Search the VMware Knowledge Base (KB)   View by Article ID
 

vShield Zones OVF import fails and results in an error

Details

A vShield Zones OVF import fails with Host did not have any virtual network defined. This failure occurs in a vCenter Server instance where a vNetwork Distributed Switch (vNDS) is deployed without a vSwitch or an available port group.

The following scenario results in a failed vShield Zones installation:
  1. Create a datacenter under the Host & Clusters node.
  2. Create an ESX host in the datacenter.
  3. Create a vSwitch with a physical NIC and a port group for only the Service Console and VMkernel. No additional port groups are present on the vSwitch.
  4. Create a vNetwork Distributed Switch with a dvPort Group (default settings) and at least one physical NIC for uplink.
  5. Deploy vShield Zones according to "Installing a vShield Manually on a vNetwork Distributed Switch" in the vShield Zones Administration Guide. The following error message appears: Host did not have any virtual network defined.

Solution

To install vShield Zones in a vNDS environment, you must have a vSwitch with a port group that does not contain the service console and VMKernel.
If a vSwitch does not exist, perform the following steps to deploy vShield Zones successfully:
  1. Create a vSwitch on an ESX host.
  2. Create a port group on the vSwitch for vShield Zones deployment. This port group must not contain the service console or VMKernel.
  3. Install vShield Zones according to "Installing a vShield Manually on a vNetwork Distributed Switch" in the vShield Zones Administration Guide.
  4. After installing the vShield Zones appliances, you can delete the port group and vSwitch.
If a vSwitch exists with only one port group assigned to the service console and VMKernel, perform the following steps to deploy vShield Zones successfully:
  1. Create a port group (with default settings) on the vSwitch for vShield Zones. This port group must not contain the service console or VMKernel.
  2. Install vShield Zones according to "Installing a vShield Manually on a vNetwork Distributed Switch" in the vShield Zones Administration Guide.
  3. After installing the vShield Zones virtual appliances, you can delete the port group.
The vShield Zones virtual appliances are packaged in OVF files. Do not deploy vShield Zones virtual appliances by using Converter, as Converter might lose important settings during the conversion process

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)
Actions
  • Bookmark Document
  • Email Document
  • Print Document
  • Subscribe to Document
  • Bookmark and Share